Japan Exposes Years of Cyber Attacks: Chinese Hackers Target Government and Tech Firms

Japan Exposes Years of Cyber Attacks: Chinese Hackers Target Government and Tech Firms

The Japanese government has recently issued an alert regarding a significant cybersecurity threat from a Chinese hacking group, known as MirrorFace. This group has been targeting various government entities, corporations, and individuals across Japan since 2019, raising serious concerns about national security and technological advancements.

Details of the Cybersecurity Threat

According to the National Police Agency and the National Center of Incident Readiness and Strategy for Cybersecurity, the MirrorFace hacking campaign is organized and appears to have connections to China. The primary aim of this group is to steal sensitive information related to Japan’s national security and advanced technologies.

Targets of the MirrorFace Campaign

The extensive alert highlighted that the targets of these cyberattacks included:

  • Japan’s Foreign and Defense Ministries
  • The country’s space agency
  • Politicians and journalists
  • Private companies and tech think tanks

As reported by the Associated Press, the hacking spree has evolved over the years. A blog post by Japan’s Computer Emergency Response Team Coordination Center (JPCERT/CC) indicated that MirrorFace initially focused on media, political organizations, think tanks, and universities. However, their targets have shifted towards manufacturers and research institutions since 2023.

Methods Employed by MirrorFace

In a 2022 report, the cybersecurity firm ESET detailed a spearphishing email campaign executed by MirrorFace. This campaign primarily targeted Japanese political entities and specific politicians ahead of the elections. Notably, it was found that MirrorFace does not have apparent ties to other known Chinese government hacking groups.

Types of Cyber Attacks

The alert disclosed that MirrorFace employed spearphishing techniques in their multi-year campaign, which included:

  1. 2019-2023: Targeted individuals working for think tanks, active and retired politicians, and journalists.
  2. 2023-Present: Focused on internet-connected network devices within companies in sectors such as semiconductor, manufacturing, information and communications, academia, and aerospace.
  3. June 2024: Launched attacks aimed at academics, think tanks, politicians, and media personnel in Japan.
READ ALSO  Critical Alert: Palo Alto Networks Discovers New Firewall Vulnerability Targeted by Hackers

Implications for Japan’s Cybersecurity

Japan’s unique pacifist constitution has resulted in limited capabilities in cyberspace, according to experts. A report by The Washington Post revealed that the U.S. National Security Agency had uncovered in 2020 that Chinese military hackers compromised some of Japan’s most sensitive classified defense networks.

This ongoing threat from MirrorFace underscores the necessity for enhanced cybersecurity measures in Japan, particularly in protecting vital national interests and sensitive information.

Source link

Similar Posts

Uncovering Spyzie: The Stalkerware Targeting Thousands of Android and iPhone Users

Uncovering Spyzie: The Stalkerware Targeting Thousands of Android and iPhone Users

Bysupport

A phone surveillance operation called Spyzie has compromised over 500,000 Android devices and thousands of iPhones and iPads, exposing users’ personal data. Researchers discovered that Spyzie shares vulnerabilities with other stalkerware apps like Cocospy and Spyic, which have collectively affected over 2 million individuals. This flaw allows unauthorized access to sensitive information, including text messages and location data. The incident underscores the growing concern over consumer surveillance applications, which, despite potential legal uses, pose significant data security risks. Users are advised to take steps to detect and remove Spyzie and enhance their account security.

Revolutionizing Security: How This Startup is Transforming Passkeys from Clunky to Seamless

Revolutionizing Security: How This Startup is Transforming Passkeys from Clunky to Seamless

Bysupport

Passwords are often inadequate for online security, contributing to one-third of data breaches, prompting the rise of passkeys. Over 15 billion accounts can utilize this technology, with major companies like Amazon and Apple pushing its adoption. However, usability concerns hinder widespread use. Hawcx, a 2023 startup led by Riya Shanmugam, is innovating passwordless authentication. Its solution enables seamless user verification without storing private keys, simplifying logins across devices. Having secured $3 million in funding, Hawcx aims to collaborate with banks and gaming firms for pilot programs and validate its technology with Stanford experts, ultimately aspiring to create a unified authentication platform.

Insight Partners Confirms January Cyberattack: What You Need to Know

Insight Partners Confirms January Cyberattack: What You Need to Know

Bysupport

U.S. venture capital firm Insight Partners disclosed a significant cybersecurity breach occurring in January, where hackers accessed its systems via a social engineering attack. The firm acted quickly to contain the breach and launched an investigation shortly after detection. While specific details remain undisclosed, Insight Partners, which manages over $90 billion in assets, has notified stakeholders and recommended enhanced security protocols, suggesting possible data access. Despite the incident, the firm assured stakeholders that operations would continue without disruption. This breach underscores rising data security concerns in the investment sector as organizations face evolving cybersecurity threats.

Senator Raises Alarm Over National Security Threats Following Elon Musk's DOGE Access to Sensitive Treasury Systems

Senator Raises Alarm Over National Security Threats Following Elon Musk’s DOGE Access to Sensitive Treasury Systems

Bysupport

Concerns have emerged regarding Elon Musk’s access to a critical U.S. Treasury payments system, which his team, the Department of Government Efficiency (DOGE), was granted by Treasury Secretary Scott Bessent. Senator Ron Wyden highlighted potential national security risks, emphasizing that the system handles sensitive data related to Social Security, Medicare, and government payments. Wyden warned that Musk’s business interests in China could create conflicts of interest and cybersecurity threats. Recent breaches attributed to China underscore the need for strict oversight of such access to protect American citizens’ personal information and ensure the system’s security.

Data Breach Alert: Hackers Compromise Sensitive Personal Information of 500,000 US Teachers' Union Members

Data Breach Alert: Hackers Compromise Sensitive Personal Information of 500,000 US Teachers’ Union Members

Bysupport

The Pennsylvania State Education Association (PSEA) reported a major data breach affecting over 517,000 members, raising concerns about cybersecurity in educational organizations. The breach, disclosed to Maine’s attorney general, occurred in July 2024 and involved unauthorized access to sensitive information, including Social Security numbers, government IDs, medical records, and financial details. PSEA reassured members that not all data may have been compromised and indicated potential ransomware involvement. The incident underscores the necessity for stronger cybersecurity measures, and members are advised to monitor their accounts for suspicious activity. PSEA has not yet responded to media inquiries regarding the breach.

DeepSeek Data Breach: Sensitive Chat Histories and Internal Database Exposed!

DeepSeek Data Breach: Sensitive Chat Histories and Internal Database Exposed!

Bysupport

Chinese AI company DeepSeek recently faced a cybersecurity crisis due to a critical vulnerability in an unsecured back-end database that leaked sensitive information, including user chat histories and API keys. Discovered by security researchers from Wiz, the database was accessible without a password, exposing over a million unencrypted logs. DeepSeek swiftly took the database offline after being alerted. However, it remains uncertain if unauthorized access occurred prior to its removal. This incident underscores the need for improved database security practices, particularly for rapidly growing tech companies like DeepSeek, which has gained popularity since its launch in December.